Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

In Season 3, The Comeback returns to meet TV’s weird moment

Twelve years is a long time to be away from television, especially when you’re Valerie Cherish. But when The Comeback ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

We Tried Quilty, the AI Tool That Analyzes Scripts. The Results Were Shocking

We ran screenplay for three hits — and one notable bomb — to see what Quilty would say, and the results were surprising.

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...